漏洞信息
尽管我们使用了先进的大模型技术,但其输出仍可能包含不准确或过时的信息。神龙努力确保数据的准确性,但请您根据实际情况进行核实和判断。
漏洞
N/A
漏洞信息
An exploitable vulnerability exists in the object stream parsing functionality of Nitro Software, Inc.’s Nitro Pro 13.13.2.242 when updating its cross-reference table. When processing an object stream from a PDF document, the application will perform a calculation in order to allocate memory for the list of indirect objects. Due to an error when calculating this size, an integer overflow may occur which can result in an undersized buffer being allocated. Later when initializing this buffer, the application can write outside its bounds which can cause a memory corruption that can lead to code execution. A specially crafted document can be delivered to a victim in order to trigger this vulnerability.
漏洞信息
N/A
漏洞
整数溢出或超界折返
漏洞
Nitro Software Nitro Pro 输入验证错误漏洞
漏洞信息
Nitro Software Nitro Pro是美国Nitro Software公司的一款PDF文档编辑器软件。该软件支持PDF文档编辑、PDF文档格式转换和PDF文档加密等功能。 Nitro Pro 13.13.2.242版本存在输入验证错误漏洞,该漏洞源于处理PDF文档的对象流时,为间接对象列表分配内存。由于计算此大小时出错,会发生整数溢出,从而导致分配的缓冲区过小。攻击者可借助该漏洞导致内存损坏,从而导致代码执行。
漏洞信息
N/A
漏洞
N/A